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Summary 

This report describes the emerging areas of information operations, electronic warfare, and 
cyberwar in the context of U.S. national security. It also suggests related policy issues of potential 
interest to Congress. 

For military planners, the control of information is critical to military success, and 
communications networks and computers are of vital operational importance. The use of 
technology to both control and disrupt the flow of information has been generally referred to by 
several names: information warfare, electronic warfare, cyberwar, netwar, and Information 
Operations (10). Currently, 10 activities are grouped by the Department of Defense (DOD) into 
five core capabilities: (1) Psychological Operations, (2) Military Deception, (3) Operational 
Security, (4) Computer Network Operations, and (5) Electronic Warfare. 

Current U.S. military doctrine for IO now places increased emphasis on Psychological 
Operations, Computer Network Operations, and Electronic Warfare, which includes use of non- 
kinetic electromagnetic pulse (EMP) weapons, and non-lethal weapons for crowd control. 
However, as high technology is increasingly incorporated into military functions, the boundaries 
between all five 10 core capabilities are becoming blurred. DOD also acknowledges the existence 
of a cyber domain, which is similar to air, land, and sea. This new domain is the realm where 
military functions occur that involve manipulation of the electromagnetic spectrum. 

This report will be updated to accommodate significant changes. 
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Introduction 

Background 

Control of information has always been part of military operations, and the U.S. Strategic 
Command views information operations as a core military competency, with new emphasis on (1) 
use of electromagnetic energy, (2) cyber operations, and (3) use of psychological operations to 
manipulate an adversary’s perceptions. Department of Defense (DOD) officials now consider 
cyberspace to be a domain for warfare, similar to air, space, land, and sea. 1 

Each service has organizations with Information Operations (10) and Electronic Warfare (EW) 
responsibilities: (1) the Naval Network Warfare Command (NETWARCOM) is the Navy’s central 
operational authority for space, information technology requirements, network and information 
operations in support of naval forces afloat and ashore; 2 (2) the Army Reserve Information 
Operations Command has responsibility for conducting information operations, the U.S. Army IO 
Proponent is responsible for developing requirements for 10 doctrine and training, and the Army 
Intelligence and Electronic Warfare Directorate provides testing services for Electronic Warfare; 3 
and finally, (3) the Air Force has created a new Cyber Command with responsibility for its 
portion of cyberwarfare, electronic warfare, and protection of U.S. critical infrastructure networks 
that support telecommunications systems, utilities, and transportation. 4 

The DOD views information itself as both a weapon and a target in warfare. In particular, 
Psychological Operations (PSYOP) provides DOD with the ability to rapidly disseminate 
persuasive information to directly influence the decision making of diverse audiences, and is seen 
as a means for deterring aggression, and important for undermining the leadership and popular 
support for terrorist organizations. 5 

However, a 2006 report by the Rand Corporation describes how IO can also affect audiences 
outside of the intended target, stating, 

... in contingencies involving an opponent, information operations planning and execution 
should include noncombatant considerations that may have nothing to do with affecting the 
enemy’s activities or defending friendly force capabilities. In today’s conflict environment 
the impact of information operations is seldom limited to two opposing sides. Second and 



1 Jason Ma, “Information Operations To Play a Major Role in Deterrence Posture,” Inside Missile Defense, December 
10, 2003 http://www.insidedefense.com/secure/defense_docnum. asp ?f=defense_2002.ask&docnum=MISSILE-9-25-4. 
Todd Lopez, Air Force Leaders to Discuss new ' Cyber Command’, Air Force News, November 5, 2006, 
http://www.8af.acc. af.mil/news/story_print. asp?storyID= 12303 1988. 

2 Naval Network Warfare Command, http://www.netwarcom.navy.mil/. 

3 United States Army Information Operations Proponent, April 2007, http://usacac.army.mil/CAC/usaiop.asp. James E. 
McConville, U.S. Army Information Operations: Concept and Execution, Military Intelligence Professinal Bulletin, 
http://www.fas.org/irp/agency/army/mipb/1997-l/mcconvl.htm. U.S. Army Test and Evaluation Command, 
http://www.atec.army.mil/OTC%5Cwho_iewtd_is.htm. 

4 Peter Buxbaum, Air Force Explores the Next Frontier, Government Computer News, February 19, 2007, 
http://www.gcn.com/print/26_04/43 153- 1 .html. 

5 DOD Information Operations Roadmap, October 30, 2004, p. 3. This document was declassified January 2006, and 
obtained through FOIA by the National Security Archive at George Washington University, http://www.gwu.edu/ 
~nsarchiv/NSAEBB/NSAEBB177/info_ops_roadmap.pdf. 
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higher-order effects will most likely influence all parties in opposition, impact various and 
varied noncombatant groups, and be interpreted in different ways by members of the media 
and audiences worldwide. 6 

Thus, new technologies for military 10 also create new national security policy issues, including 
(1) consideration of psychological operations used to affect friendly nations or domestic 
audiences; and (2) possible accusations against the U.S. of war crimes if offensive military 
computer operations or electronic warfare tools severely disrupt critical civilian computer 
systems, or the systems of non-combatant nations. 

Because of the new communications technologies and the growth of the Internet, EW and IO 
have taken on new importance. Insurgents use cell phones and other electronic devices to 
detonate roadside bombs, and afterwards transmit video images of successful attacks against U.S. 
troops for broadcast on the local news or the Internet to influence public opinion about the future 
outcome of the War. In some cases, populations may have these video broadcasts or local TV 
news stories in their native language as their only source of information. DOD is seeking methods 
to counter these actions where violence may be seen as secondary to the use and manipulation of 
information. 

This report describes DOD capabilities for conducting military information operations, and gives 
an overview of related policy issues. 



Definitions 



Information 

Information is a resource created from two things: phenomena (data) that are observed, plus the 
instructions (systems) required to analyze and interpret the data to give it meaning. The value of 
information is enhanced by technology, such as networks and computer databases, which enables 
the military to (1) create a higher level of shared awareness, (2) better synchronize command, 
control, and intelligence, and (3) translate information superiority into combat power. 



DOD Information Operations 

The current DOD term for military information warfare is “Information Operations” (10). DOD 
information operations are actions taken during time of crisis or conflict to affect adversary 
information, while defending one’s own information systems, to achieve or promote specific 
objectives. 7 The focus of IO is on disrupting or influencing an adversary’s decision-making 
processes. 



6 Russell Glenn, Heavy Matter: Urban Operations’ Density of Challenges, Rand Monograph Report, Turning Density 
to Advantage: C4ISR and Information Operations as Examples, Ch. 4, p. 25, http://www.rand.org/pubs/ 
monograph_report s/MR 1239/MR1239.ch4.pdf. 

7 From the DOD Dictionary of Military and Associated Terms, January 2003, http://www.dtic.mil/doctrine/jel/doddict/ 
data/i/index.html. 
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An 10 attack may take many forms, for example: (1) to slow adversary computers, the software 
may be disrupted by transmitting a virus or other malicious code; (2) to disable sophisticated 
adversary weapons, the computer circuitry may be overheated with directed high energy pulses; 
and (3) to misdirect enemy sensors, powerful signals may be broadcast to create false images. 
Other methods for 10 attack may include psychological operations such as initiating TV and radio 
broadcasts to influence the opinions and actions of a target audience, or seizing control of 
network communications to disrupt an adversary’s unity of command. 

Computer Network Defense (CND) is the term used to describe activities that are designed to 
protect U.S. forces against 10 attack from adversaries. Part of CND is information assurance (LA), 
which requires close attention to procedures for what is traditionally called computer and 
information security. 

DOD places new emphasis on the importance of dominating the entire electromagnetic spectrum 
with methods for computer network attack and electronic warfare. DOD also emphasizes that 
because networks are increasingly the operational center of gravity for warfighting, the U.S. 
military must be prepared to “fight the net”.' s Because the recently declassified source document 
containing this phrase has some lines blacked out, it is not clear if “...net” means the Internet. If 
so, then this phrase may be a recognition by DOD that Psychological Operations, including public 
affairs work and public diplomacy, must be employed in new ways to counter the skillful use of 
the Internet and the global news media by U.S. adversaries. 



DOD Information Operations Core Capabilities 

DOD identifies five core capabilities for conduct of information operations; (1) Psychological 
Operations, (2) Military Deception, (3) Operations Security, (4) Computer Network Operations, 
and (5) Electronic Warfare. These capabilities are interdependent, and increasingly are integrated 
to achieve desired effects. 



Psychological Operations (PSYOP) 

DOD defines PSYOP as planned operations to convey selected information to targeted foreign 
audiences to influence their emotions, motives, objective reasoning, and ultimately the behavior 
of foreign governments, organizations, groups, and individuals. 9 For example, during the 
Operation Iraqi Freedom (OIF), broadcast messages were sent from Air Force EC-130E aircraft, 
and from Navy ships operating in the Persian Gulf, along with a barrage of e-mail, faxes, and cell 
phone calls to numerous Iraqi leaders encouraging them to abandon support for Saddam Hussein. 

At the same time, the civilian A1 Jazeera news network, based in Qatar, beams its messages to 
well over 35 million viewers in the Middle East, and is considered by many to be a “market 
competitor” for U.S. PSYOP. Terrorist groups can also use the Internet to quickly place their own 
messages before an international audience. Some observers have stated that the U.S. will continue 



8 DOD Information Operations Roadmap, October 30, 2003, p. 6-7, http://www.gwu.edu/~nsarchiv/NSAEBB/ 
NS AEBB 177/info_ops_roadmap.pdf. 

9 DOD Dictionary of Military Terms , http://www.dtic.mil/doctrine/jel/doddict/. 
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to lose ground in the global media wars until it develops a coordinated strategic communications 
strategy to counter competitive civilian news media, such as A1 Jazeera. 10 

Partly in response to this observation, DOD now emphases that PSYOP must be improved and 
focused against potential adversary decision making, sometimes well in advance of times of 
conflict. Products created for PSYOP must be based on in-depth knowledge of the audience’s 
decision-making processes. Using this knowledge, the PSYOPS products then must be produced 
rapidly, and disseminated directly to targeted audiences throughout the area of operations." 

DOD policy prohibits the use of PSYOP for targeting American audiences. However, while 
military PSYOP products are intended for foreign targeted audiences, DOD also acknowledges 
that the global media may pick up some of these targeted messages, and replay them back to the 
U.S. domestic audience. Therefore, a sharp distinction between foreign and domestic audiences 
cannot be maintained. 12 



Military Deception (MILDEC) 

Deception guides an enemy into making mistakes by presenting false information, images, or 
statements. MILDEC is defined as actions executed to deliberately mislead adversary military 
decision makers with regard to friendly military capabilities, thereby causing the adversary to 
take (or fail to take) specific actions that will contribute to the success of the friendly military 
operation. 

As an example of deception during Operation Iraqi Freedom (OIF), the U.S. Navy deployed the 
Tactical Air Launched Decoy system to divert Iraqi air defenses away from real combat aircraft. 



Operational Security (OPSEC) 

OPSEC is defined as a process of identifying information that is critical to friendly operations and 
which could enable adversaries to attack operational vulnerabilities. For example, during OIF, 

U.S. forces were warned to remove certain information from DOD public websites, so that Iraqi 
forces could not exploit sensitive but unclassified information. 



Computer Network Operations (CNO) 

CNO includes the capability to: (1) attack and disrupt enemy computer networks; (2) defend our 
own military information systems; and (3) exploit enemy computer networks through intelligence 
collection, usually done through use of computer code and computer applications. The Joint 
Information Operations Warfare Command (JIOWC) and the Joint Functional Component 
Command for Network Warfare (JFCCNW) are responsible for the evolving mission of Computer 



1(1 Air Force, Operation Iraqi Freedom Information Operations Lessons Learned: First Look, AFC2ISRC/CX, July 23, 
2003, http://www.insidedefense.com/secure/data_extra/pdf3/dplus2004_265.pdf. 

11 DOD Information Operations Roadmap, October 30, 2003, p. 6, http://www.gwu.edu/~nsarchiv/NSAEBB/ 

NS AEBB 1 77/info_ops_roadmap.pdf. 

12 DOD Information Operations Roadmap, October 30, 2003, p. 26, http://www.gwu.edu/~nsarchiv/NSAEBB/ 

NS AEBB 177/info_ops_roadmap.pdf. 
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Network Attack . 13 The exact capabilities of the JIOWC and JFCCNW are highly classified, and 
DOD officials have reportedly never admitted to launching a cyber attack against an enemy, 
however many computer security officials believe the organization can destroy networks and 
penetrate enemy computers to steal or manipulate data, and take down enemy command-and- 
control systems. They also believe that the organization consists of personnel from the CIA, 
National Security Agency, FBI, the four military branches, and civilians and military 
representatives from allied nations . 14 

Computer Network Defense (CND) 

CND is defined as defensive measures to protect information, computers, and networks from 
disruption or destruction. CND includes actions taken to monitor, detect, and respond to 
unauthorized computer activity. Responses to IO attack against U.S. forces may include use of 
passive information assurance tools, such as firewalls or data encryption, or may include more 
intrusive actions, such as monitoring adversary computers to determine their capabilities before 
they can attempt an IO attack against U.S. forces. 

Some DOD officials believes that CND may lack sufficient policy and legal analysis for guiding 
appropriate responses to intrusions or attacks on DOD networks. Therefore, DOD has 
recommended that a legal review be conducted to determine what level of intrusion or data 
manipulation constitutes an attack. The distinction is necessary in order to clarify whether an 
action should be called an attack or an intelligence collection operation, and which aggressive 
actions can be appropriately taken in self-defense. This legal review should also determine if 
appropriate authorities permit U.S. forces to retaliate through manipulation of unwitting third 
party computer hosts. And finally, DOD has recommended structuring a legal regime that applies 
separately to domestic and to foreign sources of computer attack against DOD or the U.S. critical. 
infrastructure . 15 

Computer Network Exploitation (CNE) 

CNE is an area of IO that is not yet clearly defined within DOD. Before a crisis develops, DOD 
seeks to prepare the IO battlespace through intelligence, surveillance, and reconnaissance, and 
through extensive planning activities. This involves intelligence collection, that in the case of IO, 
is usually performed through network tools that penetrate adversary systems to gain information 
about system vulnerabilities, or to make unauthorized copies of important files. Tools used for 
CNE are similar to those used for computer attack, but configured for intelligence collection 
rather than system disruption. 



13 John Lasker, U.S. Military’s Elite Hacker Crew, Wired News, April 18, 2005, http://www.wired.com/news/privacy/ 
0,1848,67223,00.html, U.S. Strategic Command Fact File http://www.stratcom.mil/fact_sheets/factjtf_gno.html and 
http://www.stratcom.mil/fact_sheets/fact_jioc.html. 

14 John Lasker, U.S. Military’s Elite Hacker Crew, April 18, 2005, Wired News, http://www.wired.com/news/privacy/ 
0,67223-0. html ?t w= wn_story_page_pre v2 . 

15 DOD Information Operations Roadmap, October 30, 2003, p. 52. http://www.gwu.edu/~nsarchiv/NSAEBB/ 
NSAEBB 177/info_ops_roadmap.pdf. 
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Computer Network Attack (CNA) 

CNA is defined as effects intended to disrupt or destroy information resident in computers and 
computer networks. As a distinguishing feature. CNA normally relies on a data stream used as a 
weapon to execute an attack. For example, sending a digital signal stream through a network to 
instruct a controller to shut off the power flow is CNA. while sending a high voltage surge 
through the electrical power cable to short out the power supply is considered Electronic Warfare 
(However, a digital stream of computer code or a pulse of electromagnetic power can both be 
used to also create false images in adversary computers). 

During Operation Iraqi Freedom, U.S. and coalition forces reportedly did not execute any 
computer network attacks against Iraqi systems. Even though comprehensive IO plans were 
prepared in advance, DOD officials stated that top-level approval for several CNA missions was 
not granted until it was too late to carry them out to achieve war objectives. 16 U.S. officials may 
have rejected launching a planned cyber attack against Iraqi financial computers because Iraq’s 
banking network is connected to a financial communications network also located in Europe. 
Consequently, according to Pentagon sources, an information operations attack directed at Iraq 
might also have brought down banks and ATM machines located in parts of Europe as well. Such 
global network interconnections, plus close network links between Iraqi military computer 
systems and the civilian infrastructure, reportedly frustrated attempts by U.S. forces to design a 
cyber attack that would be limited to military targets only in Iraq. 17 

In a meeting held in January 2003, at the Massachusetts Institute of Technology, White House 
officials sought input from experts outside government on guidelines for use of cyber-warfare. 
Officials have stated they are proceeding cautiously, since a cyberattack could have serious 
cascading effects, perhaps causing major disruption to networked civilian systems. 18 In February 
2003, the Bush Administration announced national-level guidance for determining when and how 
the United States would launch computer network attacks against foreign adversary computer 
systems. The classified guidance, known as National Security Presidential Directive 16, is 
intended to clarify circumstances under which a disabling computer attack would be justified, and 
who has authority to launch such an attack. 



Electronic Warfare (EW) 

EW is defined by DOD as any military action involving the direction or control of 
electromagnetic spectrum energy to deceive or attack the enemy. High power electromagnetic 
energy can be used as a tool to overload or disrupt the electrical circuitry of almost any 
equipment that uses transistors, micro-circuits, or metal wiring. 19 Directed energy weapons 
amplify, or disrupt, the power of an electromagnetic field by projecting enough energy to 
overheat and permanently damage circuitry, or jam, overpower, and misdirect the processing in 
computerized systems. The Electronic Warfare Division of the Army Asymmetric Warfare Office 

16 Elaine Grossman, “Officials: Space, Info Targets Largely Cobbled On-The-Fly for Iraq,” Inside the Pentagon , May 
29, 2003. 

17 Charles Smith, “U.S. Information Warriors Wrestle with New Weapons,” NewsMax.com, March 13, 2003 
http://www.newsmax.eom/archives/articles/2003/3/12/134712.shtml. 

IS Bradley Graham, “Bush Orders Guidelines for Cyber-Warfare,” Washington Post , February 7, 2003, Section A, p. 1. 
19 CRS Report RL32544, High Altitude Electromagnetic Pulse (HEMP) and High Power Microwave (HPM) Devices: 
Threat Assessments, by Clay Wilson. 
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has responsibility for creating electronic warfare policy, and for supporting development of new 
electromagnetic spectrum concepts that can be translated into equipment and weapons. 

Domination of the Electromagnetic Spectrum 

DOD now emphasizes maximum control of the entire electromagnetic spectrum, including the 
capability to disrupt all current and future communication systems, sensors, and weapons 
systems. This may include: (1) navigation warfare, including methods for offensive space 
operations where global positioning satellites may be disrupted; or, (2) methods to control 
adversary radio systems; and, (3) methods to place false images onto radar systems, block 
directed energy weapons, and misdirect unmanned aerial vehicles (UAVs) or robots operated by 
adversaries. 20 

For example, recent military IO testing examined the capability to secretly enter an enemy 
computer network and monitor what their radar systems could detect. Further experiments tested 
the capability to take over enemy computers and manipulate their radar to show false images. 21 

Electromagnetic Non-Kinetic Weapons 

Non-kinetic weapons emit directed electromagnetic energy that, in short pulses, may permanently 
disable enemy computer circuitry. For example, an electromagnetic non-kinetic weapon mounted 
in an aircraft, or on the ground, might disable an approaching enemy missile by directing a Fligh 
Power Microwave (HPM) beam that burns out the circuitry, or that sends a false telemetry signal 
to misdirect the targeting computer. 22 Also, at reduced power, electromagnetic non-kinetic 
weapons can also be used as a non-lethal method for crowd control. 

The Active Denial System (ADS), developed by the Air Force, is a vehicle-mounted nonlethal, 
counter-personnel directed energy weapon. Currently, most non-lethal weapons for crowd control, 
such as bean-bag rounds, utilize kinetic energy. However, the ADS projects a focused beam of 
millimeter energy waves to induce an intolerable burning sensation on an adversary’s skin, 
repelling the individual without causing injury. Proponents say the ADS is safe and effective at 
ranges between 50 and 1,600 feet. The nonlethal capabilities of the ADS are designed to protect 
the innocent, minimize fatalities, and limit collateral damage. 23 

The Pentagon reportedly has requested immediate deployment of at least 8 ADS devices to Iraq to 
assist Marines in guarding posts, countering insurgent snipers and protecting convoys. The ADS 
system would be the first operationally deployed directed-energy weapon for counter-personnel 
missions. 24 



20 DOD Information Operations Roadmap, October 30, 2003, p. 61. http://www.gwu.edu/~nsarchiv/NSAEBB/ 

NS AEBB 177/info_ops_roadmap.pdf. 

21 These programs were called Suter 1 and Suter 2, and were tested during Joint Expeditionary Forces Experiments held 
at Nellis Air Force Base in 2000 and 2002. David Fulghum, “Sneak Attack," Aviation Week & Space Technology, June 
28, 2004, p. 34. 

' 2 David Fulghum, "Sneak Attack,” Aviation Week & Space Technology, June 28, 2004, p. 34. 

23 Active Denial System, Fact Sheet, Air Force Research Lab, Office of Public Affairs, Kirtland Air Force Base, 
http://www.de.afrl.af.mil/Factsheets/ActiveDenial.pdf. 

24 Jason Sherman, Pentagon Considering Sending Non-Lethal Ray Gun to Iraq, Inside Defense, March 2, 2007. 
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New U.S.A.F. Cyber Command 

The Air Force is not laying claim to the cyber domain, but their new mission statement indicates 
they are building a force to operate in that domain. Secretary of the Air Force Michael W. Wynne 
recently stated that the new mission of the U.S. Air Force is to “fly and fight in air, space, and 
cyberspace.” For the Air Force, this means that military action in cyberspace now includes 
defending against malicious activity on the Internet, and anywhere across the entire 
electromagnetic spectrum (including the energy spectrum bands for radio, microwaves, infrared, 
X-ray, and all other options for directed energy), where national security is threatened. 2 " Secretary 
Wynne stated that cyberwarfare flows naturally from the Air Force’s traditional missions, such as 
downloading data from platforms in space, and that U.S. capabilities should be expanded to also 
enable the shut down of enemy electronic networks. Consequently, the 8 th Air Force, 
headquartered at Barksdale Air Force Base, La., has been designated as the operational Cyber 
Command, responsible for organizing, training, and equipping the Air Force for cyberspace 
operations. 26 The new Cyber Command will draw on resources from all Air Force commands to 
gather needed expert capabilities. 

Air Force officials, led by the Air Force Chief of Staff Gen. Michael Mosley, met at the Pentagon 
in a “cyberwarfare-themed summit” during November 2006, to make plans for the new Air Force 
Cyber Command. 27 General Elder stated that the planning session will include an assessment of 
cyberwarfare requirements to defend the nation. 28 

Homeland security reportedly will also be a large part of the Cyber Command’s new 
responsibility, including protection of telecommunications systems, utilities, and transportation. 
Several issues to be considered may include: (1) what kind of educational skills, technical skills, 
and training are needed for staff at the Cyber Command; and (2), what kind of career path can be 
offered to those in the Air Force who want to participate in defending the new cyber domain. 

In addition, the Air Force Materiel Command will review the research now ongoing at the 8 th Air 
Force headquarters to identify which work should receive funding as part of the new 
cyberwarfare function. 29 Some examples of systems or projects that could be affected by the 
cyber command mission include (1) the Airborne Laser System at Edwards AFB, (2) the Active 
Denial System at Moody AFB, (3) the Joint Surveillance Target Attack Radar System at Robins 
AFB, and (4) efforts to protect against damage to computer systems due to electromagnetic pulse 
attack. 

Officials at the 8 th Air Force report that as of January 2007, the new U.S.A.F. cyber command has 
not yet been officially activated, and the final command structure has not been determined. 30 



25 John Bennett and Carlo Munoz, USAF Sets Up First Cyberspace Command, Military.com, November 4, 2006, 
http://www.military.eom/features/0, 15240, 1 1 8354.00.html. 

26 Todd Lopez, 8 th Air Force to become New Cyber Command, Air Force Link, November 3, 2006, http://www.af.mil/ 
news/story.asp?storyID=123030505. Dave Ahearn, Air Force Forms Cyberspace Unit, Defense Daily, November 3, 
2006. 

27 Contact for Dr. Lani Kass, Director of Air Force Cyberspace Task Force, and Special Assistant to General Michael 
Moseley, is through Maj. Gary Conn, Gary.Conn@pentagon.af.mil, 703-697-3143. 

2S Personal communication with Air Force Public Affairs Office, January 26, 2007. 

29 Head Quarters at Wright Patterson AFB, 937-522-3252, http://www.wpafb.af.mil/. 

30 Personal communication. Public Affairs Office at the 8 th Air Force, which can be reached at 318-456-2145, 
(continued...) 
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Initially, the new organization will operate on an equal footing with other numbered Air Force 
headquarters. However, eventually the new organization will become a major command that will 
stand alongside the Air Force Space Command and the Air Combat Command. Precise future 
command relationships are still being decided in the ongoing planning effort, and more details 
will be forthcoming. 31 



Joint Command Structure for Cyberwarfare 

Currently, the U.S. Strategic Command (USSTRATCOM), which is a unified combatant 
command for U.S. strategic forces, controls military information operations, space command, 
strategic warning and intelligence assessments, global strategic operations planning, and also has 
overall responsibility for Computer Network Operations (CNO). 32 

Beneath USSTRATCOM are several Joint Functional Component Commands (JFCCs): (1) space 
and global strike integration; (2) intelligence, surveillance and reconnaissance; (3) network 
warfare; (4) integrated missile defense; and (5) combating weapons of mass destruction. 33 

The JFCC-Network Warfare (JFCC-NW), and the JFCC-Space & Global Strike (JFCC-SGS) 
have responsibility for overall DOD cyber security, while the Joint Task Force-Global Network 
Operations (JTF-GNO) and the Joint information Operations Warfare Center (JIOWC) both have 
direct responsibility for defense against cyber attack. 34 The JTF-GNO defends the DOD Global 
Information Grid, while the JIOWC assists combatant commands with an integrated approach to 
information operations. These include operations security, psychological operations, military 
deception, and electronic warfare. The JIOWC also coordinates network operations and network 
warfare with the JTF-GNO and with JFCC-NW. 



DOD and the U.S. Critical Infrastructure 

DOD officials have noted that because 80 percent of U.S. commerce goes through the Internet, 
DOD systems must develop a capability to adequately protect them. 35 Currently, to assist 
commercially-owned telecommunications networks, communications satellite systems, and other 
civilian critical infrastructure systems, DOD contracts with Carnegie Mellon’s Software 
Engineering Institute to operate the Computer Emergency Response Team (CERT-CC), while 
DHS in partnership with private industry operates a parallel organization called US-CERT. Both 
organizations monitor trends in malicious code and cyber crime, send out alerts about threats to 
computer systems, and provide guidance for recovery after an attack. 



(...continued) 

http://www.8af.acc.af.mil. 

31 Personal communication with Air Force Public Affairs Office, January 26, 2007. 

32 The Public Affairs Office for the Air Force at the Pentagon can be contacted at 703-571-2776. 

33 United State Strategic Command, July 2006, http://www.stratcom.mil/organization-fnc_comp.html. 

34 Clark A. Murdock et al.. Beyond Goldwater-Nichols: U.S. Government and Defense Reform for a New Strategic 
Era, Phase 2 Report, July 2005, Center for Strategic and International Studies, p. 128, http://www.ndu.edu/Ubrary/docs/ 
BeyondGoldwaterNicholsPhase2Report.pdf. 

35 John Doyle, Air Force To Elevate Status Of Cyberspace Command, Aerospace Daily & Defense Report, March 22, 
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Information Operations by Adversaries 

The low cost of entry (for example, a laptop connected to the Internet), and the ability to operate 
anonymously, are factors that makes cyberspace attractive to adversaries who know they cannot 
challenge the United States in a symmetrical contest. Potential adversaries, such as China, Russia, 
Cuba, Iran, Iraq, Libya, North Korea, and several non-state terrorist groups are reportedly 
developing capabilities to attack or degrade U.S. civilian and military networks. “Moonlight 
Maze” and “Titan Rain” are examples of successful attacks against non-classified military 
systems which DOD officials claim were directed by other governments. 36 

According to the Defense Department’s annual report to Congress on China’s military prowess, 
the Chinese military is enhancing its information operations capabilities. 37 The report finds that 
China is placing specific emphasis on the ability to perform information operations designed to 
weaken an enemy force’s command and control systems. 38 

Terrorist groups also use wireless electronics to detonate roadside bombs (Improvised Explosive 
Devices). They also use the Internet to transmit financial transactions, and use free Global 
Positioning System (GPS) signals and commercial satellite video and images to direct their 
ground attacks against U.S. and coalition hoops. 39 

Reportedly, only a small portion of the Iraq i populace watch and listen to the current government 
run television and radio news broadcasts, with the majority preferring instead to support the 
foreign satellite news stations such as Al-Jazeera and Al-Arabiya. Observers say that most Arabs 
believe that U.S. sponsored news broadcasts are managed too closely by the coalition powers and 
do not objectively present the news. When the Iraqi Governing Council (IGC) prohibited Al- 
Jazeera and Al-Arabiya from covering all IGC events during a short period in early 2004, this 
action reportedly gave many Iraqi people the impression that the Coalition Provisional Authority 
(CPA) was manipulating their information. 40 

Some observers have also stated that terrorist groups, through use of the Internet, are now 
challenging the monopoly over mass communications that both state-owned and commercial 
media have long exercised. A strategy of the terrorists is to propagate their messages quickly and 
repeat them until they have saturated cyberspace. Internet messages by terrorist groups have 
become increasingly sophisticated through use of a cadre of Internet specialists who operate 



36 Elinor Abreu, Epic cyberattack reveals cracks in U.S. defense, CNN.com, May 10, 2001, http://archives.cnn.com/ 
2001/TECH/intemet/05/10/3.year.cyberattack.idg/. Declan McCullagh, Feds Say Fidel Is Hacker Threat, 
WiredNews.com, February 9, 2001, http://www.wired.eom/news/politics/0, 1283, 41700,00.html. Staff, Cyberattack 
could result in military response, USAToday, February 14, 2002, http://www.usatoday.conr/tech/news/2002/02/14/ 
cyberterrorism.htm. 

37 See the FY2004 Report to Congress on PRC Military Power, http://www.defenselink.mil/pubs/d20040528PRC.pdf. 

38 John Bennett, “Commission: U.S. Should Push Beijing to up Pressure on North Korea,” Inside the Pentagon, June 
17, 2004. 

39 Daniel Helmer, The Poor Man’ s FBCB2: R U Ready 4 the 3G Celfone?, Armor, November/December 2006, p. 7. 

40 Maj. Patrick Mackin, Information Operations and the Global War on Terror: The Joint Force Commander’s Fight 
for Hearts and Minds in the 21 s ' Century, Joint Military Operations Department, Naval War College, September 2, 
2004, p. 14. 
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computer servers worldwide. Other observers have also stated that al-Qaeda now relies on a 
Global Islamic Media Unit to assist with its public outreach efforts. 41 



Attribution for Cyberattack: Estonia, April 2007 

A persistent problem after a computer network attack is accurate and timely identification of the 
attacker. This uncertainty may affect decisions about how and against whom, or even whether, to 
retaliate. 

On April 27, 2007, officials in Estonia moved a Soviet-era war memorial commemorating an 
unknown Russian who died fighting the Nazis. The move stirred emotions, and soon incited 
rioting by ethnic Russians, and the blockading of the Estonian Embassy in Moscow. The event 
also marked the beginning of a series of large and sustained Distributed Denial-Of-Service 
(DDOS) attacks launched against several Estonian national websites, including government 
ministries and the prime minister’s Reform Party. 42 The attacks were described as crippling, 
owing to the limited IT resources of Estonia. 

Initially, the Russian government was blamed by Estonian officials for the cyberattacks, but it is 
unclear whether the attacks are sanctioned or initiated by the Russian government. NATO sent 
computer security experts to Estonia to help protect government systems against continued 
attacks, and to help recover from the attacks. 

However, some analysts later concluded that the cyber attacks targeting Estonia were not a 
concerted attack, but instead were the product spontaneous anger from a loose federation of 
separate attackers. Technical data showed that sources of the attack were worldwide rather than 
concentrated in a few locations. The computer code that caused the DDOS attack was posted and 
shared in many Russian language chat rooms, where the moving of the statue was a very 
emotional topic for discussion. These analysts state that although various Estonian government 
agencies were taken offline, there was no apparent attempt to target national critical infrastructure 
other than internet resources, and no extortion demands were made. Their analysis concluded that 
there was no Russian government connection to the attacks against Estonia. 43 



Law and Proportionality for Information Operations 

The new Air Force Cyber Command reportedly will follow the law of Armed Conflict, meaning a 
response taken after receiving an electronic or cyber attack will be scaled in proportion to the 
attack received, and distinctions will be maintained between combatants and civilians. 44 However, 



41 Jacquelyn S. Porth, Terrorists Use Cyberspace as Important Communications Tool , U.S. Department of State, 
USInfo.State.Gov, May 5, 2006, http://usinfo.state.gov/is/Archive/2006/May/08-429418.html. 

42 Robert Vamosi, Cyberattack in Estonia — what it really means, CnetNews.com, May 29, 2007, http://news.com.com/ 
Cyberattack+in+Estonia-what+it+really+means/2008-7349_3-6186751.html. 

43 Estonian DDoS — a final analysis, Heise Security, http://www.heise-security.co.uk/news/print/90461. 

44 The Law of Armed Conflict (LOAC) is a part of public international law that regulates the conduct of armed 
hostilities between nations, and is intended to protect civilians, the wounded, sick, and shipwrecked. LOAC training for 
U.S. military is a treaty obligation for the United States under provisions of the 1949 Geneva Conventions. Also, under 
18 U.S. Code 2441, war crimes committed by or against Americans may violate U.S. criminal law. James Baker, When 
Lawyers Advise Presidents in Wartime, Naval War College Review, Winter 2002, Vol. LV, No. 1. Terry Kiss, ed.. Law 
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protection against attack through cyberspace is a new task for the military, and the offensive tools 
and other capabilities used by DOD to stage retaliatory strikes against enemy systems are highly 
classified. Experience has shown that a reactive defense is not very effective against increasingly 
powerful and rapid malicious cyber attacks, or against other malicious activity using the 
electromagnetic spectrum. A more effective defense against these attacks is to incorporate 
predictive, active, and pre-emptive measures that allow DOD defenders to prevent, deflect, or 
minimize the efforts of the attacker. 



Cyberwarrior Education 

As more U.S. military systems become computerized and linked to networks, there is a growing 
need for qualified Electronic Warfare operators. 45 Each year, DOD conducts a Cyber Defense 
Exercise, where teams of students from the nation’s military academies advance their cyber s ki lls 
in practice competition where they deliberately hack into test networks, and also protect these test 
networks against intrusions by other teams. However, DOD must attract, train, and retain skilled 
information technology professionals beyond those enrolled in the military academies. 

In an attempt to solve this problem, the Air Force Research Laboratory (AFRL) Cyber Operations 
Branch offers a 10-week summer program each year for university students, consisting of 
intensive studies in cyber security. The Advanced Course in Engineering (ACE) Cyber Security 
Boot Camp has been held at Rome, NY for the past 4 years, and involves between 40 and 60 
student applicants from Air Force and Army pre -commissioning programs, some National 
Science Foundation Cyber Corps Fellows, and some civilian college students. For 2006, the 
theme was “Cybercraft”, described as a non-kinetic weapon platform that seeks dominance in 
cyberspace, corresponding to the new mission of the Air Force to ‘fly and fight in air, space, and 
cyberspace’, according to program director Dr. Kamal Jabbour. Students study legal and policy 
issues, cryptography, computer network defense and attack, steganography, and analysis of 
malicious code. ACE students also spend an average of three days per week in internships at the 
Air Force Research Laboratory, or with local industry partners, and participate in officer 
development activities. The faculty for ACE is drawn from Syracuse University, West Point, and 
Norwich University. 

DHS and the National Science Foundation (NSF) have recognized the ACE program as an official 
internship program for Federal Cyber Service Scholarship for Service (SFS) program. The SFS 
program seeks to increase the number of skilled students entering the fields of information 
assurance and cyber security by funding universities to award 2-year scholarships in cyber 
security. Graduates are then required to work for a federal agency for two years. Recent ACE 
graduates are now working at the Air Force Office of Special Investigations, the AFRL, and the 
NSA. 

Also, as a result of ACE summer program success with college students, in September 2006, 
Syracuse University developed a special cyber security course to be offered in 12 high schools in 



(...continued) 

of Armed Conflict, Air University Library, Maxwell AFB, Jan 2005, http://www.au.af.mil/au/aul/bibs/loacots.htm. Josh 
Rogin, Air Force to Create Cyber Command, FCW.COM. November 13, 2006, http://www.fcw.com/article96791-l 1- 
13-06-Print&printLayout. 

43 Patience Wait, Army Shores up EM spectrum skills. Government Computer News, March 19, 2007. 
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New Your State. Currently, Syracuse University offers 29 introductory cyber security courses in 
148 high schools throughout New York, New Jersey, Maine, Massachusetts, and Michigan. High 
school students who successfully complete the cyber security courses can receive Syracuse 
college credits in computer science and engineering. 



Policy Issues 

Potential oversight issues for Congress may include the following areas. 

Could provocative actions, for example, intelligence gathering by the U.S. military that involves 
using intrusive cyber or electronic warfare tools to monitor enemy system activity, or copy 
important data files, be challenged by other nations as a violation of the law of Armed Conflict? 
Exploratory intrusions by U.S. military computers to gather intelligence may provoke other 
strong or unexpected responses from some countries or extremist groups that are targeted for 
monitoring by DOD. 

Several questions also may arise when considering a retaliatory cyber or electronic warfare 
counter strike: (1) if the attacker is a civilian, should the attack be considered a law enforcement 
problem rather than a military matter?; (2) if a U.S. military cyberattack against a foreign 
government also disables civilian infrastructure, can it be legally justified?; or (3) how can the 
military be certain that a targeted foreign computer system has not been innocently set up to 
appear as an attacker by another third party attacker? 

Some observers have stated that success in future conflicts will depend less on the will of 
governments, and more on the perceptions of populations, and that perception control will be 
achieved and opinions shaped by the warring group that best exploits the global media. 46 As a 
result of the increasingly sophisticated use of networks by terrorist groups and the potentially 
strong influence of messages carried by the global media, does DOD now view the Internet and 
the mainstream media as a possible threat to the success of U.S. military missions? How strongly 
will U.S. military PSYOP be used to manipulate public opinion, or reduce opposition to 
unpopular decisions in the future? 

Another emerging issue may be whether DOD is legislatively authorized to engage in PSYOP 
that may also affect domestic audiences. 47 DOD Joint Publication 3-13, released February 2006, 
provides current doctrine for U.S. military Information Operations, and explains the importance 
of achieving information superiority. 48 However, the DOD Information Operations Roadmap, 
published October 2003, states that PSYOP messages intended for foreign audiences increasingly 
are consumed by the U.S. domestic audience, usually because they can be re-broadcast through 
the global media. The Roadmap document states that, “...the distinction between foreign and 
domestic audiences becomes more a question of USG (U.S. Government) intent rather than 
information dissemination practices (by DOD).” 49 This may be interpreted to mean that DOD has 



46 Maj. Gen. Robert Scales (Ret), Clausewitz and World War IV, Armed Forces Journal, July 2006, p. 19. 

47 Psychological Operations are authorized for the military under Title 10, USC, Subtitle A, Part I, Chapter 6, Section 
167. 

4S DOD Joint Publication 3-13, Information Operations, February 13, 2006, http://www.dtic.mil/doctrine/jel/new_pubs/ 
jp3_13.pdf. 

49 DOD Information Operations Roadmap, October 30, 2003, p. 26. http://www.gwu.edu/~nsarchiv/NSAEBB/ 
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no control over who consumes PSYOP messages once they are re-transmitted by commercial 
media. 



Current Legislation 

H.R. 1585, the National Defense Authorization Act for Fiscal Year 2008, would require the 
Secretary of Defense to conduct a 'quadrennial roles and missions review’ for the Department of 
Defense, which will also include cyber operations. This bill was passed by House on 5/17/2007, 
and received in the Senate on 6/4/2007. 

H.Rept. 110-146, on H.R. 1585, by the Committee on Armed Services. This report states that 
within 180 days after enactment of the National Defense Authorization Act for 2008, the 
Secretary of Defense must submit a report to congressional defense committees, with the 
following requirements: 

1. Review legal authorities to ensure effective cyberspace operations. 

2. Review DOD’s policies for information sharing and risk management for cyberspace 
operations. 

3. Provide an overview of DOD’s cyberspace organization, strategy, and programs. 

4. Assess operational challenges, including the impact of the military’s reliance on 
commercial communications infrastructure. 

5. Recommend ways to improve DOD’s ability to coordinate cyberspace operations with 
law enforcement, intelligence communities, the commercial sector, and with international 
allies. The recommendations shall include consideration of the establishment of a single 
joint organization for cyberspace operations. 

6. Provide an overview of training and educational requirements. 

7. Provide an overview of funding for cyberspace operations. 
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